Описание
The default configuration of TLS in IBM Tivoli Directory Server (TDS) 6.3 and earlier supports the (1) NULL-MD5 and (2) NULL-SHA ciphers, which allows remote attackers to trigger unencrypted communication via the TLS Handshake Protocol.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 6.3.0 (включая)
Одно из
cpe:2.3:a:ibm:tivoli_directory_server:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:4.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.69:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.45:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.46:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.47:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.48:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.19:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.20:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.21:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.22:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00519
Низкий
6.4 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
больше 3 лет назад
The default configuration of TLS in IBM Tivoli Directory Server (TDS) 6.3 and earlier supports the (1) NULL-MD5 and (2) NULL-SHA ciphers, which allows remote attackers to trigger unencrypted communication via the TLS Handshake Protocol.
EPSS
Процентиль: 66%
0.00519
Низкий
6.4 Medium
CVSS2
Дефекты
CWE-310